ossec-authd¶
The ossec-authd program can automatically add an agent to a Wazuh manager and provide the key to the agent. The agent-auth application is the client application used with ossec-authd. ossec-authd creates an agent with an IP address of “any” instead of using a specifig IP address.
Warning
By default, there is no authentication or authorization involved in this transaction, so it is recommended that this daemon only be run when a new agent is being added.
-V |
Version and license message. |
|
-h |
This help message. |
|
-d |
Debug mode. Use this parameter multiple times to increase the debug level. |
|
-t |
Test configuration. |
|
-f |
Run in foreground. |
|
-i |
Use client’s source IP address instead of any. |
|
-F <time> |
Remove old agent with same name or IP if its keepalive has more than the specified number of seconds. |
|
-F no |
Disable force insertion. |
|
-r |
Do not keep removed agents (delete). |
|
-g <group> |
Group to run as. |
|
Default |
ossec |
|
-D <dir> |
Directory to chroot into. |
|
Default |
/var/ossec |
|
-p <port> |
Manager port. |
|
Default |
1515 |
|
-P |
Enable shared password authentication, at /var/ossec/etc/authd.pass or random. |
|
-c <ciphers> |
SSL cipher list. The format of this parameter is described in SSL ciphers. |
|
Default |
HIGH:!ADH:!EXP:!MD5:!RC4:!3DES:!CAMELLIA:@STRENGTH |
|
-v <path> |
Full path to CA certificate used to verify clients. |
|
-s |
Used with -v, enable source host verification. |
|
-x <path> |
Full path to server certificate. |
|
Default |
/var/ossec/etc/sslmanager.cert. |
|
-k <path> |
Full path to server key. |
|
Default |
/var/ossec/etc/sslmanager.key. |
|
-a |
Auto negotiate the most secure common SSL/TLS method with the client. |
|
Default |
TLS v1.2 only (if supported by the server). |
|
-L |
Force insertion even though agent limit has been reached. |
|